Vendor Risk Management

Streamline Vendor Risk Assessment Workflows

OneTrust Vendorpedia

Third-Party Risk Management Software

Automate the Vendor Engagement Lifecycle, from Onboarding to Offboarding with 360° Third-Party Visibility

Request Demo

Are Your Vendors (and Their Vendors)
Safe To Do Business With?

OneTrust Vendorpedia simplifies third-party risk management by combining automation with aggregated vendor research to streamline the vendor engagement lifecycle, from onboarding to offboarding. The platform consists of eight pillars, working together to help you conduct faster and more in-depth security and privacy reviews.

The OneTrust Vendorpedia Platform

Vendorpedia Assess

Identify & Mitigate Risks

Automate security & privacy assessments, conduct financial due diligence, monitor SLAs & performance, test controls, and streamline issues & exception management

Vendorpedia Exchange

Access Pre-Populated Research

Access evergreen research on thousands of vendors with service- and product-level granularity, including security & privacy certifications & pre-completed risk assessments, updated daily

Vendorpedia Data Mapping

Add Business Context to Vendor Risks

Link your vendors to the IT systems and business processes they support to add context to risk, visualize lineage diagrams, and keep your data map up to date

Vendorpedia Breach & Enforcement Tracker

Get Alerted When Vendor Breaches Occur

Receive notifications about vendor breaches and regulatory enforcements, monitored by our in-house security and privacy team and backed by OneTrust DataGuidaince research

Vendorpedia Chasing

Offload Assessment-Related Work

Leverage free risk assessment services performed by the OneTrust team to chase vendors on your behalf, offloading work and enabling faster questionnaire completion

Vendorpedia Contracts & Documents

Manage Key Contract Terms

Scan and report on key contract terms, and manage certificates, evidence, and vendor documentation in a single repository, as well as integrate with contract management tools

Vendorpedia Monitoring

Maintain Ongoing Vendor Oversight

Get alerts on critical vendor security and privacy changes, including 4th-party changes, incidents & breaches, as well as leverage an automation engine for trigger-based reassessment

Vendorpedia Autocomplete for Vendors

Automate Custom Questionnaire Completion

Empower vendors to autocomplete any questionnaire, even custom ones, to speed up assessment response time for assessments, free and available for any vendor to use

OneTrust Vendorpedia Pricing

Unlimited Vendors, Unlimited Assessments


No Cost
per month

  • 1 Administrator
  • Built-In CSA CAIQ Questionnaire
  • Customizable Vendor Profiles
  • English Only
  • Email & Knowledgebase Support


per month

  • 3 Administrators
  • Full OneTrust Template Gallery
  • Built-In Controls & Frameworks
  • Basic Assessment Workflows
  • and much more...


per month

  • Unlimited Administrators
  • Single Sign-On (SSO)
  • Data Mapping Integration
  • Advanced Assessment Workflows
  • and much more...


Contact Us
for more information

  • Unlimited Administrators
  • Plugin Integration Marketplace
  • Unlimited Languages
  • Enterprise SLA
  • and much more...
View Full Pricing

Get Started with the OneTrust Vendorpedia Platform Today

OneTrust Vendorpedia is simple to deploy, easy to use, and works seamlessly with the rest of the OneTrust platform. Request a demo to see how you can streamline your third-party risk program.

Request Demo

Adaptable to Your Needs, Regardless of Industry, Size, Location, or Use Case

Manage Any Type of Third Party

Automate the vendor engagement lifecycle, from onboarding to offboarding for IT and non-IT vendors, direct suppliers, services and legal organizations, franchisees and retailers, as well as agents and contractors.

Use or Tailor Any Standard

Assess vendors with greater flexibility to fit your use case, with support for every industry standard, framework, and law, including CSA CAIQ, SIG, SIG Lite, HITRUST, PCI DSS, NIST, ISO 27001, GDPR, NYDFS, CCPA, and many more.

Assess Risks with Greater Granularity

Gain insight into the security and privacy risks of third parties at a granular level, including the vendor risks as a whole, as well risks specific to engagements, products or services, contracts, processes or IT systems.

Optimized for Teams

Collaborate with multiple stakeholders across teams with ease, including procurement, InfoSec, privacy and legal, audit and compliance, vendor management and third-party risk, and individual business owners.

Powered by OneTrust DataGuidance

Backed by the world’s largest and most up-to-date database of privacy and security laws, frameworks, and standards, which directly power and enrich OneTrust Vendorpedia. Research is generated by 30 in-house security and privacy experts and a network of 500 lawyers across 300 jurisdictions.

Instantly Connect to the Tools You Depend
on with Hundreds of Pre-Built Plugins

Integrate with Turnkey Marketplace Plugins

Seamlessly connect with existing systems, including procurement, contract management, CMDBs, ITSMs, GRCs, and Security Rating Services. The OneTrust Integration Marketplace comes with more 100+ out-of-the-box plugins for the tools you use most.

Get Even More Value from Your Vendor Data with OneTrust Platform Integrations

Link vendors to the IT systems and the business processes they support with Data Inventory & Mapping. Streamline data access and deletion requests with Consumer & Data Subject Rights Management. Pre-populate PIAs and DPIAs for faster Assessment Automation. And lastly, leverage the vendor and contract context you need for more intelligent Incident & Breach Response.

Why OneTrust Vendorpedia?

Contextual Metrics

Add business context to key risks, controls & performance indicators (KRIs, KCIs, KPIs)

Free Vendor Chasing Service

Offload work to the OneTrust team to rapidly complete vendor risk assessments

Powerful Reporting

Create audit-ready reports with rollup risk views and interactive dashboards

Industry’s Largest Exchange

Access research on thousands of global vendors, both big and small, updated daily

Unlimited Vendors

Assess all your vendors as many times as you need to without any extra costs

Integrated with OneTrust

Keep your data map updated, fulfill data requests, and respond to incidents faster


Blog Article

How to Get Third-Party Risk Assessments Completed Faster

Read Now

Blog Article

How to Maintain an Up-to-Date Data Map with OneTrust Vendor Risk Management

Read Now

White Paper

The Ultimate Vendor Risk Management Handbook

Download Now

Analyst Report

On the Radar: OneTrust Vendor Risk Management

Download Now

How OneTrust is Defining the Future of
Privacy, Security & Third-Party Risk

Powered by 50 awarded patents, our platform drives innovative compliance programs for companies of all sizes across the globe.


Easy to use and scalable tools to power all your privacy and security use cases in a single technology platform.

50+ Patents Awarded
60+ Languages Supported
300+ Technology Plugins


World-class privacy and security research insights powered by a massive regulatory database updated daily.

30 In-House Researchers
500 Lawyer Network
300 Jurisdictions Covered


Customer-driven and certified global team available 24×7 to support your successful program deployment.

100+ Implementation Team
2,500 Certified Partners
95% Customer Satisfaction


Largest active community of global privacy technology professionals sharing best practices.

10,000+ Participants
250+ Global Workshops
100+ Cities Worldwide